I've detected that my server uses PHPSESSID through Google Website owner Tools. The Bounce Rate as proven in the search engines Statistics began to improve from a couple of to 75% since i have have detected PHPSESSID two days ago. By using it a lot of URL parameters turned up on my small site. I’m not able to remove them and that i are only able to determine if the records impact the behaviour of my website or otherwise. I can tell over 160 re-directs to copy content. I understand will be able to make use of the following records:

 php_value session.use_only_cookies 1 
 php_value session.use_trans_sid 0

inshtaccess to avoid PHPSESSID from showing up.

However this doesn’t solve the issue. Since I Have will have an engaged site I can’t make use of this code:

$actualurl= 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; 
$correcturl = 'http://www.ragepank.com/articles/26/disable-phpsessid/'; 
if ($correcturl != $actualurl) { 
header("HTTP/1.1 301 Moved Permanently"); 
header("Location: " . $correcturl); 

on every page to avoid redirecting site visitors. Any ideas are appreciated.

P.S. The website operates on Apache Server.

The Bounce Rate from 2 to 75% since PHPSESSID

sounds odd. might be a possible script kiddie attack. that's not to shut an internet page due to PHPSESSID. will it develop PHPSESSID whenever you go to the website.

take a look at coding on individuals web pages additionally that do PHPSESSID

increase php file at top


    ini_set('session.use_trans_sid', 0);

    ini_set(‘session.use_only_cookies’, 1);

You appear to make use of the problem if ($correcturl != $actualurl) to identify drenched in customers. Avoid that, only use some session variable that you simply set following a user logs in. Then you definitely will not need PHPSESSID inside your addresses.

Following a customers logs in: $_SESSION['logged_in'] = true;

Your brand-new check: if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'])